Throughout the OpenStack Cloud Computing Cookbook we expect the reader to have access to the client tools required to operate an OpenStack environment. If these are not installed, they can be installed by following this simple guide.

This guide will cover installation of

Nova Client

Keystone Client

Neutron Client

Glance Client

Cinder Client

Swift Client

Heat Client

Getting ready

To use the tools and this guide, you are expected to have access to a Ubuntu (preferably 14.04 LTS) server or PC that has access to the network where you are installing OpenStack.

Typically these export lines are written to a file, for example called ‘$home/openrc’ that allows a user to simply execute the following command to source in these to use with OpenStack

source openrc

(or in Bash: . openrc)

Configuring Keystone for the first time

To initially configure Keystone, we utilize the SERVICE_TOKEN and SERVICE_ENDPOINT environment variables. The SERVICE_TOKEN is found in /etc/keystone/keystone.conf and should only be used for bootstrapping Keystone. Set the environment up as follows

This bypasses the usual authentication process to allow services and users to be configured in Keystone before the users and passwords exist.

How it works…

The OpenStack command line tools utilize environment variables to know how to interact with OpenStack. The environment variables are easy to understand in terms of their function. A user is able to control multiple environments by simply changing the relevant environment variables.

To initially install the users and services, a SERVICE_TOKEN must be used as at this first stage there are no users in the Keystone database to assign administrative privileges to. Once the initial users and services has been set up, the SERVICE_TOKEN should not be used unless maintenance and troubleshooting calls for it.

Sounds like your environment isn’t setup quite right. Try adding “–insecure” to the keystone command and see if it bypasses the error. At some point during the vagrant up, it is possible there might have been an error that didn’t stop the full thing to come up properly (and therefore the certificates in your environment aren’t valid).

Yes, it works using — insecure but then the use of SSL is missing.
Do you think I should be using the different Vagrantfile for Windows since I am running the Virtualbox and the Vagrant for Windows ? I think the instruction maybe bit more structured will help as I am getting lost.. I definitely find a lot of troubleshooting just to setup. Still unable to play around Openstack modules..

We don’t make any guarantees with Windows being the host. For the best experience we use Mac OSX and Linux. The issue you have is that SSL is working, but your client setup isn’t. If you are using the controller VM, it is referencing /vagrant/cakey.pem and ca.pem. Ensure that this path is available to your controller – else copy those files to the controller, adjust your environment (or openrc file) and try again. Failing that, just alias all clients so that insecure is always used.